amber

package
v0.0.0-...-f6eb2dc
Warning

This package is not in the latest version of its module.

Published: Feb 22, 2024 License: MIT Imports: 6 Imported by: 1

Documentation

Constants

const (
	PE_DOS_STUB = "This program cannot be run in DOS mode"
)

Variables

var (
	ErrUnsupportedArch  = errors.New("unsupported PE file architecture")
	ErrInvalidPeSpecs   = errors.New("unsupported PE file specs")
	ErrInvalidPeHeaders = errors.New("invalid PE headers")
)
var CRC_API_32 = []byte{}/* 129 elements not displayed */
var CRC_API_64 = []byte{}/* 192 elements not displayed */
var IAT_API_32 = []byte{}/* 172 elements not displayed */
var IAT_API_64 = []byte{}/* 218 elements not displayed */
var LOADER_32 = []byte{}/* 2090 elements not displayed */
var LOADER_64 = []byte{}/* 2300 elements not displayed */
var SYSCALL_LOADER_64 = []byte{}/* 2407 elements not displayed */

Functions

This section is empty.

Types

type PE

type PE struct {
	Name            string
	FullName        string
	FileSize        int
	IAT             bool
	Resource        bool
	IgnoreIntegrity bool
	IatResolver     bool
	SyscallLoader   bool
	ScrapeHeaders   bool
	// PE specs...
	Architecture      int
	SizeOfImage       uint32
	ImageBase         uint64
	AddressOfEntry    uint32
	Subsystem         uint16
	ImportTable       uint64
	ExportTable       uint64
	RelocTable        uint64
	ImportAdressTable uint64
	HasBoundedImports bool
	HasDelayedImports bool
	HasTLSCallbacks   bool
	HasRelocData      bool
	IsCLR             bool
	IsDLL             bool
	// contains filtered or unexported fields
}

The blueprint structure contains PE specs, tool parameters and OS-specific info.

func Open

func Open(fileName string) (bp *PE, err error)

func (*PE) AddCallOver

func (pe *PE) AddCallOver(payload []byte) ([]byte, error)

AddCallOver adds a call instruction at the beginning of the given payload. The address of the payload will be pushed to the stack, and execution will continue after the end of the payload.

func (*PE) AssembleLoader

func (pe *PE) AssembleLoader() ([]byte, error)

AssemblePayload generates the binary stub bla bla...

func (*PE) ScrapePeHeaders

func (pe *PE) ScrapePeHeaders() ([]byte, error)
